We use `registr_dissector()` instead of
`ndpi_set_bitmask_protocol_detection()`.
Every file in `src/lib/protocols/*.c` is a dissector.
Every dissector can handle multiple protocols.
The real goal is this small change:
```
struct call_function_struct {
- NDPI_PROTOCOL_BITMASK detection_bitmask;
```
i.e. getting rid of another protocol bitmask: this is mandatory to try
to fix#2136 (see also e845e8205b68752c997d05224d8b2fd45acde714)
As a nice side effect, we remove a bitmask comparison in the hot function
`check_ndpi_detection_func()`
TODO: change logging configuration from per-protocol to per-dissector
Don't use the same id for the same protocol identified via L3 info or
via standard TCP/UDP detection (example: ospf ip_proto 0x59 or TCP port
2604)
Before:
```
ivan@ivan-Precision-3591:~/svnrepos/nDPI(dev)$ ./example/ndpiReader -H | grep -wE 'OSPF|IPSec|AH|ESP|IP_OSPF'
79 79 IPSec UDP X Safe VPN 500,4500 500
85 85 OSPF X Acceptable Network - 2604
```
After:
```
ivan@ivan-Precision-3591:~/svnrepos/nDPI(ospf-ipsec)$ ./example/ndpiReader -H | grep -wE 'OSPF|IPSec|AH|ESP|IP_OSPF'
79 79 IPSec UDP X Safe VPN 500,4500 500
85 85 IP_OSPF X Acceptable Network - -
116 116 AH X Safe VPN - -
117 117 ESP X Safe VPN - -
184 184 OSPF TCP X Safe Network - 2604
```
This function is always called once for every flow, as last code
processing the flow itself.
As a first usage example, check here if the flow is unidirectional
(instead of checking it at every packets)
Removing JA3C is an big task. Let's start with a simple change having an
huge impact on unit tests: remove printing of JA3C information from
ndpiReader.
This way, when we will delete the actual code, the unit tests diffs
should be a lot simpler to look at.
Note that the information if the client/server cipher is weak or
obsolete is still available via flow risk
See: #2551
The Train Real Time Data Protocol (TRDP) is a UDP/TCP-based communication protocol designed for IP networks in trains, enabling data exchange between devices such as door controls and air conditioning systems. It is standardized by the IEC under IEC 61375-2-3 and is not related to the Remote Desktop Protocol (RDP).
ISO/IEC 14908-4 defines how to tunnel Control Network Protocol (CNP) over IP networks. It encapsulates protocols like EIA-709, EIA-600, and CNP, making it a versatile solution for building automation and control systems.
